Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa
File:                     3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa (raw, json)
Hash identifier:          5P014E1vh45qM6aR+Ldp3g4rfdACGPl5tqqo9VwzVBw=
Subject key identifier:   6E:34:11:FE:18:72:53:F5:22:3A:69:F7:BE:68:B5:40:53:0B:8B:56
Certificate issuer:       /CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270
Certificate serial:       4DEA9222B968BBD3B4584DDC0727A3237E0187A5
Authority key identifier: 5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa
Signing time:             Wed 08 May 2024 09:24:14 +0000
ROA not before:           Wed 08 May 2024 09:19:14 +0000
ROA not after:            Wed 07 May 2025 09:24:14 +0000
asID:                     151000
IP address blocks:        103.179.66.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl
                          rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 06:57:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:ea:92:22:b9:68:bb:d3:b4:58:4d:dc:07:27:a3:23:7e:01:87:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270
        Validity
            Not Before: May  8 09:19:14 2024 GMT
            Not After : May  7 09:24:14 2025 GMT
        Subject: CN=6E3411FE187253F5223A69F7BE68B540530B8B56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:83:be:5d:f1:97:fd:80:4c:92:04:e5:2d:8b:
                    7d:65:2e:88:32:8d:23:18:84:cf:b4:a0:b4:e7:d3:
                    56:4b:7d:9c:b9:05:93:01:9f:b1:a1:98:ab:82:6e:
                    2e:62:78:24:0b:1d:24:e1:84:e3:bb:8a:63:d8:ad:
                    8d:ac:c4:7a:c2:68:72:a7:95:b8:aa:1f:9d:c1:d6:
                    f6:c5:1d:59:6d:59:b0:30:2c:81:89:bd:d5:d1:84:
                    0c:87:c7:1f:bd:58:59:e1:80:0d:f4:65:c4:0a:93:
                    d2:ec:25:49:2a:e9:24:f5:d7:6b:08:b4:7d:35:29:
                    ae:ce:0c:25:19:2b:59:bb:8c:a1:6c:38:e9:22:06:
                    65:13:ad:8e:97:fe:76:95:b4:7e:4a:b1:c7:49:80:
                    ba:2c:63:2c:71:18:27:6c:08:89:b8:74:a4:6b:0e:
                    6b:6f:35:63:72:41:3b:cf:a5:a3:83:0a:5c:55:d9:
                    36:07:e9:43:db:7a:38:f5:53:fd:16:12:b8:07:0f:
                    4f:52:e7:44:21:84:88:d0:5a:b7:60:19:0f:06:f6:
                    ef:6d:7c:fd:95:cf:60:51:24:a4:56:a8:af:c3:64:
                    64:a5:42:3c:45:ef:19:0d:28:6d:0b:2d:3c:e5:a0:
                    1a:30:bf:f7:f8:d6:c0:ba:76:0e:85:87:b2:4f:01:
                    7b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:34:11:FE:18:72:53:F5:22:3A:69:F7:BE:68:B5:40:53:0B:8B:56
            X509v3 Authority Key Identifier:
                keyid:5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.179.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:a8:89:01:e6:e9:0d:6c:0e:76:16:91:e3:f1:eb:7d:dc:96:
         5d:60:d1:b3:51:c1:28:64:d1:13:e1:7a:27:63:15:56:11:88:
         57:6e:c5:f8:85:3a:09:e1:e3:db:b4:15:38:09:2c:f8:f5:22:
         08:31:8a:e9:78:a5:38:f2:b1:11:0f:df:3d:43:2b:03:9d:87:
         a3:7d:d2:10:a5:ca:a8:eb:b1:2d:82:1d:76:8f:f0:71:7c:96:
         24:ad:dd:d0:96:6f:b4:11:ab:8f:dd:d4:9a:c9:bc:f3:eb:b8:
         1a:e5:43:6f:2d:c0:b5:6d:a6:ae:44:ca:cc:2a:23:81:17:4b:
         b2:b8:58:04:34:ea:99:9e:d8:b9:79:47:59:df:9b:27:80:4a:
         bf:eb:9a:99:9e:5d:a9:10:ec:06:8c:b8:6b:1c:30:4c:3d:f1:
         86:47:03:f6:5b:85:45:af:c2:63:00:08:58:59:f4:61:f9:64:
         3c:b9:99:1d:a2:96:b8:f8:91:3e:03:16:c4:e3:20:4a:b3:ec:
         07:50:78:ec:da:24:d3:95:22:ac:66:ce:42:b6:46:37:e4:65:
         42:18:98:55:a8:a4:25:af:16:7c:cb:e5:92:f8:6f:15:fe:af:
         fa:d3:76:f0:db:7b:60:9e:70:fd:af:bd:ed:92:89:64:5e:a7:
         63:44:39:1b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUTeqSIrlou9O0WE3cByejI34Bh6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRF
RUFDQTI3MDAeFw0yNDA1MDgwOTE5MTRaFw0yNTA1MDcwOTI0MTRaMDMxMTAvBgNV
BAMTKDZFMzQxMUZFMTg3MjUzRjUyMjNBNjlGN0JFNjhCNTQwNTMwQjhCNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWg75d8Zf9gEySBOUti31lLogy
jSMYhM+0oLTn01ZLfZy5BZMBn7GhmKuCbi5ieCQLHSThhOO7imPYrY2sxHrCaHKn
lbiqH53B1vbFHVltWbAwLIGJvdXRhAyHxx+9WFnhgA30ZcQKk9LsJUkq6ST112sI
tH01Ka7ODCUZK1m7jKFsOOkiBmUTrY6X/naVtH5KscdJgLosYyxxGCdsCIm4dKRr
DmtvNWNyQTvPpaODClxV2TYH6UPbejj1U/0WErgHD09S50QhhIjQWrdgGQ8G9u9t
fP2Vz2BRJKRWqK/DZGSlQjxF7xkNKG0LLTzloBowv/f41sC6dg6Fh7JPAXtFAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUbjQR/hhyU/UiOmn3vmi1QFMLi1YwHwYDVR0j
BBgwFoAUW9NBptRq9Sz/I6XR4liUlO6sonAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZTEyNzQzZC1kNTZkLTRhNzctOTBlMi1jNTJlNmRmZTA2YzIvMC81QkQzNDFBNkQ0
NkFGNTJDRkYyM0E1RDFFMjU4OTQ5NEVFQUNBMjcwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRFRUFD
QTI3MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNlMTI3NDNkLWQ1NmQtNGE3Ny05
MGUyLWM1MmU2ZGZlMDZjMi8wLzMxMzAzMzJlMzEzNzM5MmUzNjM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMxMzAzMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ7NCMA0GCSqG
SIb3DQEBCwUAA4IBAQAXqIkB5ukNbA52FpHj8et93JZdYNGzUcEoZNET4XonYxVW
EYhXbsX4hToJ4ePbtBU4CSz49SIIMYrpeKU48rERD989QysDnYejfdIQpcqo67Et
gh12j/BxfJYkrd3Qlm+0EauP3dSaybzz67ga5UNvLcC1baauRMrMKiOBF0uyuFgE
NOqZnti5eUdZ35sngEq/65qZnl2pEOwGjLhrHDBMPfGGRwP2W4VFr8JjAAhYWfRh
+WQ8uZkdopa4+JE+AxbE4yBKs+wHUHjs2iTTlSKsZs5CtkY35GVCGJhVqKQlrxZ8
y+WS+G8V/q/603bw23tgnnD9r73tkolkXqdjRDkb
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:14 2024 by rpki-client on console-fra.rpki-client.org